1. Parse Complex JSON
2. Status Code
3. 401 and 403
4. What is Authentication?
5. What is Authorisation?
6. What is the difference between Authentication and Authorisation?
API testing - What to test?
- CRUD - Resource creation, update, deletion
- Missing required functionality
- Proper messaging
- Reliability
- Multithreading and improper handling issues
- Repetition
- JSON / XML Schema validation
- Max, min, invalid, null values
Challenges
- How to maintain the flow - passing the response of one request to another test
- Different types of param validation
- Validation of input
- Validation of output
- Parameter categorisation
Common protocols used in APIs
- REST (Representational State Transfer protocol) - design pattern to create APIs | Stateless | Client-Server | Layered system encapsulation
- SOAP
- HTTP
- JMS & UDDI
Types of API testing
- Validation
- Functional
- Load
- Run time error
- Security (vulnerabilities, threats etc)
- Penetration testing
What is a resource in REST?
- Any Content (HTML, Image, Files)
How to represent resources (Common ways)
- JSON and XML
Which protocol do REST web services use?
- HTTP
What is the difference between an API and a web service?
- Web service - needs a network to operate
- API - does not need a network to operate (sends requests through endpoints)
What is the difference between PUT and POST?
- PUT - Create / Update
- POST - Used to create
RPC - Remote Procedure Call
- Executing procedures on remote / different machine
GET
- Retrieve resource from endpoint
- Remains in browser history / can be bookmarked (so no sensitive info)
POST
- Create resource
- Never cached / bookmarked / never remains in browser history
- No restriction on data length
PUT
- Create / Update
- Never cached
PATCH
- Update partial resource
DELETE
- Delete
OPTIONS
- Returns all options and available HTTP methods
HEAD - returns the header info (get)
TRACE - trace the request
Status Code
200 - OK - Successful POST request
201 - new resource created
400 - Bad Request
404 - Not found
401 - Unauthorised
403 - Forbidden
500 - Internal Server error
What does an HTTP request contain?
- Request Method
- base URI + resource URL
- Request Header - Accept-Language, Accept-Encoding, Host, User-Agent etc
- Request Body
What does an HTTP response contain?
- Status Code
- Response Header Fields - Date, Server, Last-Modified, Content-Type
- Response Body
Common Steps for API testing
- Select the test case
- Develop API call
- Configure the API params
- Determine how to validate the API response
- Execute the API call
- API call response - validate the data
Constraints of API - 6 constraints